<?php
include_once('common/header.php');
if($AppUI->id <=0 ) {
	$strUsername = $objRequest->getParam('pUserName', '');
	$strPassword = $objRequest->getParam('pPassWord', '');
	$intError	 = 0;
	if($strUsername && $strPassword) {
		if(isset($_SESSION['sUsername'])) unset($_SESSION['sUsername']);
		if(isset($_SESSION['sLoginErr'])) unset($_SESSION['sLoginErr']);
		$objAdmin	= new Admin();
		$arrInfo 	= $objAdmin->getInfoByUsername($strUsername);		
		if($arrInfo) {
			$strPassDb 			= $arrInfo->password;
			$strChapPassword	= md5(md5(session_id()) . $strPassDb);	
			if($strChapPassword == $strPassword) {
				session_regenerate_id();
				$objAuth = new Vfriend_Auth();
				if($AppUI = $objAuth->authVfriend($arrInfo, 1)) {					
					Vfriend_Function::redirect(isset($_SESSION[SESSION_BACKURL]) ? $_SESSION[SESSION_BACKURL] : HOST_BACKEND);
					exit();
				}
			} else {
				$intError = 3;
			}
		} else {
			$intError = 2;
		}
	} 
	if($intError > 0) {
		$_SESSION['sUsername'] 	= $strUsername;
		$_SESSION['sLoginErr']	= $intError;
		$strUrl = HOST_BACKEND.'?err=' . $intError;
	}
	else {
		$strUrl = HOST_BACKEND;
	}
	Vfriend_Function::redirect($strUrl);
} else {
	Vfriend_Function::redirect(HOST_BACKEND);
}
?>